In recent days Bitcoin has been getting a bad name on account of its grotesque energy consumption (BBC). The problem is that Bitcoin uses “Proof of Work” to secure its ledger. Proof of work motivates nodes in the bitcoin network to compete to solve a computationally expensive math problem by rewarding them with Bitcoin. A good summary was provided in this video – How Bitcoin Works in 5 Minutes (Technical), and its longer sibling How Bitcoin Works Under the Hood both I think are by Scott Driscoll. Essentially you need to guess one component of a set of inputs to generate a target hash. The components include the correct balances in the ledger given the history of transactions. The first node to guess this hash self awards a fraction of bitcoin — the current version of Etherium works in essentially the same way, but the next version of Etherium is moving to a different approach to validation called Proof of Stake. I won’t cover proof of stake here.
Despite the negativity around the proof of work that occurs in these cryptocurrency blockchain implementations, not all blockchain implementations are so wasteful. I’ve had an awareness for a few years of a project being developed by the Government of British Columbia called the Verifiable Organization Network or more commonly known as the VON project. The VON project is built using several open-source (apache 2) components including the Linux Foundation’s Hyper Ledger Indy. These are bundled together with projects like Indy-Plenum and Indy-Node in the Sovrin Project as described by Nathan George in 2018. The purpose of the VON project is to “establish a better way to find, issue, store and share trustworthy data about organizations — locally and around the globe” (VON). The project leverages self-sovereign identity and verifiable credentials to help citizens interact with service providers with trustworthy and privacy-preserving technology. Sovrin supports zero-knowledge proofs that take advantage of RSA cryptography.
In George’s presentation, he describes how one of the elements of the Sovrin project that is different from the distributed trust system in CryptoCurrencies is that the Sovrin blockchain is “permissioned” with verified nodes which act as roots of trust. It is trustworthy because it is Byzantine Fault Tolerant. The permissioned nodes can be trusted because they are not anonymous but rather named organizations that have agreed to follow the rules of the network and can thus be held accountable if they behave maliciously. Similarly, I can’t create a slew of nodes on the network and start competing to outvote other nodes, as to do so I need to become permissioned and accepted by the governing board of the network. The consequence is that we can do away with the wasteful proof of work race and are only left with the duplication of storage of the ledger across the nodes on the network.
In George’s presentation, he describes a second concept that is different in a permissioned blockchain like HyperLedger Indy than it is in public blockchain like those used by cryptocurrencies. That is that in a public blockchain you use a single decentralized identifier (DID), whereas in the permissioned blockchain you can use a unique DID for each entity you interact with. In short, you could have at least n-1 squared DIDs where n is the number of entities on the network including yourself. I’m not entirely clear on whether you could use multiple DIDs to communicate with the same entity if you had a reason to do so.
What is missing now is why self-sovereign identity is important on a permissioned blockchain. The short answer is that the zero-knowledge proofs in combination with the ledger support verifiable credentials that can be revoked by the provider of those credentials. For example, I can provide proof to the bouncer at the local nightclub that I am legally allowed to enter the premises without revealing my name or my age, and without handing him my government-issued id. I can also ensure that the credential expires at a time that I am comfortable with. This level of granularity in managing credentials may on a world of possibilities on the privacy front that we are only just beginning to understand.
In summary, I would suggest that folks don’t write off blockchain out of hand on account of the problems with the implementation of a subset of cryptocurrencies. There are other technologies like Sovereign which rely on a subset of the implementation features of these technologies, but which may have tremendous potential for good.
Scott Driscoll: http://www.scottdriscoll.me/
Nathan George 2018: https://www.youtube.com/watch?v=lVHJiUrHv2A
The Von Project: https://vonx.io/